Hackers have allegedly targeted OKX, stealing funds from at least two accounts in a sophisticated attack involving SMS risk notifications and the creation of new API keys.

Crypto exchange OKX has reportedly been targeted by hackers, with at least two users reporting their funds were drained after receiving SMS risk notifications from Hong Kong.

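Two different victims whose exchange accounts were drained in the early hours of today turn out to share a similar method and several characteristics. Besides the commonalities mentioned by @AsAnEgg, these include the SMS risk notification coming from "Hong Kong" and the creation of a new API Key (with withdrawal and trading permissions, which is also why cross-trading intent was suspected earlier; for now that appears to be ruled out).… https://t.co/pqIjqLhmkB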

— Cos(余弦)😶‍🌫️ (@evilcos) June 9, 2024

According to SlowMist founder Yu Xian, an unidentified entity created new API keys with withdrawal and trading permissions, allowing them to swap and drain the coins from the platform. OKX’s Chinese branch stated in a June 9 post on X that the exchange has reached out to the affected users and is currently investigating the incidents.

“If it’s finally determined that the platform is responsible, the platform will take the initiative to bear it. In addition, we will announce the results as soon as the relevant investigation is completed.”

OKX Chinese

As of press time, the full extent of the attack remains unclear, and it’s yet to be seen how exactly the hackers managed to hijack the trading accounts.

SIM swapping, a form of phone hijacking, has long been a significant threat to crypto investors, with even major industry players falling victim. For instance, in 2021, Coinbase disclosed that hackers had stolen crypto from about 6,000 users by bypassing multi-factor authentication in a suspected phishing campaign that involved hijacking two-factor authentication SMS messages.

Other incidents have involved hijackers porting phone numbers to intercept one-time passwords and validate transactions or change account credentials. In response, many major crypto companies have moved away from SMS-based two-factor authentication, though some still rely on this authentication method.
